From a7794b765cb16589155a53ebdd4cda1120c565ab Mon Sep 17 00:00:00 2001
From: omniError <omniError@github>
Date: Sun, 13 Jul 2014 14:01:50 -0500
Subject: [PATCH] [ticket/12831] Optn to prevent setting HTTP headers

https://tracker.phpbb.com/browse/PHPBB3-12831

PHPBB3-12831
---
 phpBB/includes/functions.php     | 31 ++++++++++++++++++++-----------
 phpBB/includes/functions_acp.php | 29 ++++++++++++++++++++++++-----
 2 files changed, 44 insertions(+), 16 deletions(-)

diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 158bf1cbc0..e9f3ce59bd 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -5030,6 +5030,9 @@ function page_header($page_title = '', $display_online_list = false, $item_id =
 		'SITE_LOGO_IMG'			=> $user->img('site_logo'),
 	));
 
+	// A listener can set this variable to `false` when it wants to prevent setting of headers
+	$page_header_set_headers = true;
+
 	/**
 	* Execute code and/or overwrite _common_ template variables after they have been assigned.
 	*
@@ -5040,23 +5043,29 @@ function page_header($page_title = '', $display_online_list = false, $item_id =
 	*									session item, e.g. forum for
 	*									session_forum_id
 	* @var	int		item_id				Restrict online users to item id
+	* @var	bool	page_header_set_headers	Set to false if phpBB should not
+	*										set HTTP headers (since you have
+	*							 		 	set them elsewhere).
 	*
 	* @since 3.1.0-b3
 	*/
-	$vars = array('page_title', 'display_online_list', 'item_id', 'item');
+	$vars = array('page_title', 'display_online_list', 'item_id', 'item', 'page_header_set_headers');
 	extract($phpbb_dispatcher->trigger_event('core.page_header_after', compact($vars)));
 
-	// application/xhtml+xml not used because of IE
-	header('Content-type: text/html; charset=UTF-8');
-
-	header('Cache-Control: private, no-cache="set-cookie"');
-	header('Expires: 0');
-	header('Pragma: no-cache');
-
-	if (!empty($user->data['is_bot']))
+	if ($page_header_set_headers)
 	{
-		// Let reverse proxies know we detected a bot.
-		header('X-PHPBB-IS-BOT: yes');
+		// application/xhtml+xml not used because of IE
+		header('Content-type: text/html; charset=UTF-8');
+
+		header('Cache-Control: private, no-cache="set-cookie"');
+		header('Expires: 0');
+		header('Pragma: no-cache');
+
+		if (!empty($user->data['is_bot']))
+		{
+			// Let reverse proxies know we detected a bot.
+			header('X-PHPBB-IS-BOT: yes');
+		}
 	}
 
 	return;
diff --git a/phpBB/includes/functions_acp.php b/phpBB/includes/functions_acp.php
index 8453da6e6e..ce020fbdf1 100644
--- a/phpBB/includes/functions_acp.php
+++ b/phpBB/includes/functions_acp.php
@@ -107,12 +107,31 @@ function adm_page_header($page_title)
 		'S_CONTENT_FLOW_END'	=> ($user->lang['DIRECTION'] == 'ltr') ? 'right' : 'left',
 	));
 
-	// application/xhtml+xml not used because of IE
-	header('Content-type: text/html; charset=UTF-8');
+	// A listener can set this variable to `false` when it wants to prevent setting of headers
+	$adm_page_header_set_headers = true;
 
-	header('Cache-Control: private, no-cache="set-cookie"');
-	header('Expires: 0');
-	header('Pragma: no-cache');
+	/**
+	* Execute code and/or overwrite _common_ template variables after they have been assigned.
+	*
+	* @event core.adm_page_header_after
+	* @var	string	page_title			Page title
+	* @var	bool	adm_page_header_set_headers	Set to false if phpBB should not
+	*									set HTTP headers (useful for integrators).
+	*
+	* @since 3.1.0-RC3
+	*/
+	$vars = array('page_title', 'adm_page_header_set_headers');
+	extract($phpbb_dispatcher->trigger_event('core.adm_page_header_after', compact($vars)));
+
+	if ($adm_page_header_set_headers)
+	{
+		// application/xhtml+xml not used because of IE
+		header('Content-type: text/html; charset=UTF-8');
+
+		header('Cache-Control: private, no-cache="set-cookie"');
+		header('Expires: 0');
+		header('Pragma: no-cache');
+	}
 
 	return;
 }